# Copyright 2022 The TensorFlow Authors. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: Build SIG Build containers as presubmits

on:
  pull_request:
    types: [labeled, opened, synchronize, reopened]
    paths:
      - '.github/workflows/sigbuild-docker-presubmit.yml'
      - 'tensorflow/tools/tf_sig_build_dockerfiles/**'
      - '!tensorflow/tools/tf_sig_build_dockerfiles/README.md'

jobs:
  docker:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: [python3.9, python3.10, python3.11]
    steps:
      -
        name: Checkout
        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
      -
        name: Login to GCR
        if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging')
        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
        with:
          registry: gcr.io
          username: _json_key
          password: ${{ secrets.GCP_CREDS }}
      -
        name: Grab the date to do cache busting (assumes same day OK to keep)
        run: |
          echo "DATE=$(date +'%Y-%m-%d')" >> "$GITHUB_OUTPUT"
        id: date
      -
        name: Build containers, and push to GCR only if the 'build and push to gcr.io for staging' label is applied
        id: docker_build
        uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 # v3.2.0
        with:
          push: ${{ contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') }}
          context: ./tensorflow/tools/tf_sig_build_dockerfiles
          target: devel
          build-args: |
            PYTHON_VERSION=${{ matrix.python-version }}
            CACHEBUSTER=${{ steps.date.outputs.DATE }}
          tags: |
            gcr.io/tensorflow-sigs/build:${{ github.event.number }}-${{ matrix.python-version }}
          cache-from: |
            type=registry,ref=tensorflow/build:latest-${{ matrix.python-version }}
            type=registry,ref=gcr.io/tensorflow-sigs/build:${{ github.event.number }}-${{ matrix.python-version }}
          cache-to: type=inline
      -
        name: Add a comment with the pushed containers
        uses: mshick/add-pr-comment@a65df5f64fc741e91c59b8359a4bc56e57aaf5b1 # v2
        if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging')
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          message: |
            I pushed these containers:
            
            - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.11`
            - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.10`
            - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.9`
            
            Re-apply the `build and push to gcr.io for staging` label to rebuild and push again. This comment will only be posted once.
      -
        name: Print image digest
        run: echo ${{ steps.docker_build.outputs.digest }}
